From: Eric Dumazet <eduma...@google.com>
Date: Sun, 28 Apr 2019 12:22:25 -0700
> We had many syzbot reports that seem to be caused by use-after-free
> of struct fib6_info.
>
> ip6_dst_destroy(), fib6_drop_pcpu_from() and rt6_remove_exception()
> are writers vs rt->from, and use non consistent synchronization among
> themselves.
>
> Switching to xchg() will solve the issues with no possible
> lockdep issues.
...
> Fixes: a68886a69180 ("net/ipv6: Make from in rt6_info rcu protected")
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Reported-by: syzbot <syzkal...@googlegroups.com>
> Cc: David Ahern <dsah...@gmail.com>
Applied and queued up for -stable, thanks Eric.
